Cisco Security Advisory - Cisco Embedded Wireless Controller with Catalyst Access Points IP Flood Denial of Service Vulnerability

Started by Netwörkheäd, April 13, 2022, 12:09:33 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions

Netwörkheäd

April 13, 2022, 12:09:33 PM
Cisco Embedded Wireless Controller with Catalyst Access Points IP Flood Denial of Service Vulnerability

<p class="line874">A vulnerability in IP ingress packet processing of the Cisco&nbsp;Embedded Wireless Controller with Catalyst Access Points Software could allow an unauthenticated, remote attacker to cause the device to reload unexpectedly, causing a denial of service (DoS) condition. The device may experience a performance degradation in traffic processing or high CPU usage prior to the unexpected reload.<span id="line-100" class="anchor"></span></p>
<p class="line874">This vulnerability is due to improper rate limiting of IP packets to the management interface. An attacker could exploit this vulnerability by sending a steady stream of IP traffic at a high rate to the management interface of the affected device. A successful exploit could allow the attacker to cause the device to reload.</p>
<p>Cisco&nbsp;has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.</p>
<p>This advisory is available at the following link:<br>
<a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ap-ip-flood-dos-6hxxENVQ" target="_blank">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ap-ip-flood-dos-6hxxENVQ</a></p>

     
         
Security Impact Rating:  High
   
   
       
CVE: CVE-2022-20622
Source: Cisco Embedded Wireless Controller with Catalyst Access Points IP Flood Denial of Service Vulnerability
Let's not argue. Let's network!
Print
Go Up Pages1
User actions